From 0415be93fc71c0abef4b5ffa8f416fc72be40c97 Mon Sep 17 00:00:00 2001 From: forkbomb Date: Wed, 25 Nov 2015 10:56:16 +1100 Subject: [WIP] i9300: SELinux M bringup currently you need to cherry-pick this: http://review.cyanogenmod.org/#/c/120540/ to boot. Change-Id: Ibf6f85db7235a5c09010bcedc57642f91f278d29 --- selinux/gpsd.te | 2 +- selinux/rild.te | 2 +- selinux/system_server.te | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/selinux/gpsd.te b/selinux/gpsd.te index d58665e..8eca21c 100644 --- a/selinux/gpsd.te +++ b/selinux/gpsd.te @@ -3,7 +3,7 @@ allow gpsd rild:unix_stream_socket connectto; allow gpsd system_data_file:fifo_file { create read write setattr open }; allow gpsd servicemanager:binder call; allow gpsd sysfs_wake_lock:file { read write open }; -allow gpsd system_data_file:file { create read write setattr open }; +allow gpsd system_data_file:file { read open }; allow gpsd system_data_file:dir { read write setattr open add_name }; allow gpsd system_server:binder call; allow gpsd system_server:unix_stream_socket { read write }; diff --git a/selinux/rild.te b/selinux/rild.te index 1df1a78..3339eaf 100644 --- a/selinux/rild.te +++ b/selinux/rild.te @@ -11,4 +11,4 @@ allow rild efs_block_device:blk_file rw_file_perms; allow rild efs_file:file { read open write setattr }; allow rild efs_device_file:dir create_dir_perms; -allow rild efs_device_file:file { setattr create rw_file_perms link_file_perms }; +allow rild efs_device_file:file { setattr create create_file_perms }; diff --git a/selinux/system_server.te b/selinux/system_server.te index a6b65ce..28085f4 100644 --- a/selinux/system_server.te +++ b/selinux/system_server.te @@ -14,7 +14,7 @@ allow system_server uhid_device:chr_file { read ioctl write open }; # /efs/wifi/.mac.info allow system_server wifi_data_file:file { read open }; -allow system_server default_prop:property_service set; +#allow system_server default_prop:property_service set; allow system_server gpsd:binder transfer; type_transition system_server system_data_file:fifo_file gps_data_file ".gps.interface.pipe.to_jni"; -- cgit v1.1